﻿#region

using System.Web;
using System.Web.Mvc;

#endregion

namespace HouseHoldBudget.Framework.Security
{
    public class BudgetAuthorizeAttribute : AuthorizeAttribute
    {
        #region Constructors

        public BudgetAuthorizeAttribute()
        {
            SuperAdmin = false;
        }

        public BudgetAuthorizeAttribute(bool superAdmin)
        {
            SuperAdmin = superAdmin;
        }

        #endregion

        #region Instance Properties

        public bool SuperAdmin { get; set; }

        #endregion

        #region Instance Methods

        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            base.OnAuthorization(filterContext);

            //If authorization results in HttpUnauthorizedResult, redirect to error page instead of Logon page.        
            if (filterContext.Result is HttpUnauthorizedResult && filterContext.HttpContext.User.Identity.IsAuthenticated)
            {
                filterContext.Result = new RedirectResult("~/Account/UnauthorizedAccess");
            }
        }

        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            return httpContext.User.Identity.IsAuthenticated;
        }

        #endregion
    }
}